This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Find out more here

United Kingdom

Select your regional store:


ISO 27001 Consultancy

IT Governance is the world’s leading ISO27001 service provider

“Having IT Governance on hand to guide our swift adoption of the ISO27001 Standard and provide ongoing expert support has been invaluable. They really understood the needs of a technology enterprise like ours.”

- Paul Green, Wirefast

IT Governance offers a comprehensive range of bespoke ISO 27001 compliance implementation services, as well as flexible, fixed-price packages to help organisations of any size implement an information security management system (ISMS) that is capable of independent, accredited certification.

View our ISO 27001 packaged solutions >>

Call us on 0845 070 1750 or email us to find out more about our consultancy offerings.

Hundreds of successful projects have started with an IT Governance ISO 27001 Health Check, designed for managers planning to implement ISO 27001 – especially with the aim of achieving accredited certification to the Standard.

Achieve accredited certification to ISO 27001 with the global experts

Our ISO/IEC 27001 consultancy team uses methodologies and tools that have been developed and honed over 15+ years, since two of our directors led the world’s first successful certification to BS 7799, the forerunner to ISO 27001.

What does a typical ISO 27001 project look like?

Although every consultancy project is different, our consultants combine deep technical expertise with an understanding of information security management principles and ISO 27001 best practice, ensuring that every client’s unique requirements are met.

IT Governance consultancy projects cover the following:

  1. Project mandate

    IT Governance works with your organisation to set the project and ISMS objectives.

  2. Project initiation

    The project framework, project roles, project plan, risk register and timelines will be discussed and agreed.

  3. ISMS initiation

    Project activities for initiating the ISMS, including a detailed review of the client’s documented policies and procedures, will be set up. These include creating organisational awareness about the project and its objectives.

  4. Management framework

    The scope of the ISMS, organisational context, and needs and expectations of interested parties are defined. IT Governance will capture information relevant to determining the scope through a series of interactive sessions, interviews or workshops with key members of the management team.

  5. Baseline security criteria

    The organisation’s baseline security criteria (BSC) are identified. BSC refer to the organisation’s business, legal and regulatory requirements, and contractual obligations as they relate to information security.

  6. Risk management

    ISO 27001 requires an organisation to define and apply an information security risk assessment process. This stage includes the development of a robust information security risk management methodology, which comprises an information security risk assessment and the recommendation of appropriate information security risk treatments.

  7. Implementation

    We deliver support and guidance for implementation activities, including providing staff awareness training and ensuring internal staff competence, reviewing outsourced suppliers, offering guidance on selecting appropriate controls, and providing general advice to ensure the project remains on track.

  8. Measurement, monitoring and review

    IT Governance will ensure that the performance of the ISMS and related activities are captured, analysed and reviewed, supporting the development of a continual improvement process. An appropriate internal audit programme will be established to support the organisation’s ISMS and related objectives.

  9. Audit

    This stage will include a pre-certification audit to help the organisation prepare for the certification audit. Support is provided throughout the certification audit. This will include discussing how best to address any issues the auditor might find before the final day of the audit.

  10. Post-certification activities

    Following certification, IT Governance will help to create an ongoing plan for the maintenance and continual improvement of the ISMS.

What are the benefits of ISO 27001 certification?

Find out how adopting an ISMS and gaining accredited ISO 27001 certification can benefit your business >>

Why 150+ organisations use IT Governance consultants for ISO27001:

  • Our 100% guarantee of successful certification provides the peace of mind that your project is in the hands of the world’s ISO 27001 experts.
  • Transparent pricing enables you to control the costs of achieving certification.
  • We support independent, accredited certification, enabling our clients to choose the certification body of their choice.
  • Our implementation approach and methodology is pragmatic, proven and straightforward (and we did write the book on how to do it).
  • We have deep technical expertise – all consultants hold at least ISO 27001 Lead Implementer and Lead Auditor certifications.
  • Our consultants translate risks into real business terms, meaning clients receive support developing a business case to secure the necessary information security investment.
  • IT Governance’s approach is to transfer the knowledge needed to maintain an information security management system (ISMS) post certification, making sure that clients are in control of their own ISMS.
  • IT Governance is independent of vendors and certification bodies, and encourages clients to select the best fit for their needs and objectives.
  • Our expertise in management standards means that we can help our clients integrate their ISMS with other frameworks and standards, such as ISO 9001, ISO 20000, ISO 14001, ITIL®, and the PCI DSS.

Please email us or telephone + 44 845 070 1750 today to speak to one of our consultancy team and arrange your free assessment.

ISO 27001 Consultancy Case Studies

IT Governance consultants have worked with a great many organisations, both public and private, across a wide range of market sectors and industry types.

Find out more about our ISO27001 Case Studies

What our clients say

“IT Governance was able to guide our implementation team from the initial phases; from suitably informed management support, to scoping, planning, communication, risk assessment, control selection, documentation, and testing … right up to the external audit by our chosen certification body, Bureau Veritas, leading to certification. Each step required us to understand what was being asked of us, and IT Governance consultants were there to ensure that we were ready.”

- Mike Fegan, Tribal

“Having IT Governance on hand to guide our swift adoption of the ISO27001 Standard and provide ongoing expert support has been invaluable. They really understood the needs of a technology enterprise like ours.”

- Paul Green, Wirefast

“I would have no hesitation in recommending IT Governance to others. The main advantage was their flexibility. IT Governance tailored their services, (whether it be training or consultancy) to our specific needs.”

- Paul Berry, Senior Project Manager, Martin Dawes Solutions

“We benefited hugely from IT Governance’s advice and they effectively mapped out the route we needed to follow. If I were faced with doing the project all over again, the first thing I would do is get an expert consultant in to make sure we were tackling things in the right way. IT Governance really know their stuff and immediately impressed us with their calm and reassuring approach.”

- Carol McCarthy, Head of Business Control, dsicmm

"On behalf of myself and colleagues a sincere thank you for all your input helping us achieve certification to the ISO27001 standard. Here we are, just 6 months after we started the project and the outcome has been described by the auditor as ‘a delight to audit’. Much of this has been down to the mentoring and coaching style IT Governance has used to steer us to our goal."

- David Gilbert, Global Business Development Manager at Goal Group of Companies

Please email us or telephone + 44 845 070 1750 to speak to one of our consultancy team today to kick-start your ISO 27001 project.

IT Governance is widely recognised among UKAS-accredited certification bodies as a leading consultancy:

Associate Consultant Programme
LRQA Consultants Network
LRQA Consultants Network

ISO27001 Solutions

BUY ISO27001 Online FastTrack CONSULTANCY

Use our expertise to implement ISO27001

Buy now

live chat support software